Skip to content

Commit 5a91868

Browse files
rado17krish2718
rado17
authored and
krish2718
committed
[nrf noup] modules: hostap: Support Wi-Fi EAP-TLS mode
Support Wi-Fi enterprise mode with NRF_SECURITY. Signed-off-by: Ravi Dondaputi <[email protected]>
1 parent 5d5103c commit 5a91868

File tree

2 files changed

+40
-3
lines changed

2 files changed

+40
-3
lines changed

modules/hostap/CMakeLists.txt

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -612,7 +612,8 @@ zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
612612
)
613613
endif()
614614

615-
if(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT)
615+
if(DEFINED ONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT OR
616+
DEFINED CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS)
616617
zephyr_include_directories(
617618
${HOSTAP_BASE}/port/mbedtls
618619
)
@@ -621,6 +622,11 @@ zephyr_library_sources(
621622
${HOSTAP_SRC_BASE}/crypto/crypto_mbedtls_alt.c
622623
${HOSTAP_SRC_BASE}/crypto/tls_mbedtls_alt.c
623624
${HOSTAP_SRC_BASE}/crypto/rc4.c
625+
${HOSTAP_SRC_BASE}/crypto/aes-wrap.c
626+
${HOSTAP_SRC_BASE}/crypto/aes-unwrap.c
627+
${HOSTAP_SRC_BASE}/crypto/aes-internal-dec.c
628+
${HOSTAP_SRC_BASE}/crypto/aes-internal.c
629+
${HOSTAP_SRC_BASE}/crypto/aes-internal-enc.c
624630
)
625631

626632
zephyr_library_sources_ifdef(CONFIG_WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA

modules/hostap/Kconfig

Lines changed: 33 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -109,8 +109,8 @@ config WIFI_NM_WPA_SUPPLICANT_WEP
109109

110110
choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND
111111
prompt "WPA supplicant crypto implementation"
112-
default WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS
113112
default WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA if SOC_SERIES_NRF54LX
113+
default WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS
114114
help
115115
Select the crypto implementation to use for WPA supplicant.
116116
WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT supports enterprise mode
@@ -211,6 +211,38 @@ config WIFI_NM_WPA_SUPPLICANT_CRYPTO_LEGACY_NCS_PSA
211211
select MBEDTLS_PKCS5_C
212212
select MBEDTLS_ECP_DP_SECP256R1_ENABLED
213213

214+
config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS
215+
bool "Legacy Crypto support for WiFi using nRF security"
216+
select MBEDTLS
217+
select NRF_SECURITY
218+
select MBEDTLS_X509_LIBRARY
219+
select MBEDTLS_TLS_LIBRARY
220+
select MBEDTLS_CTR_DRBG_C
221+
select PSA_WANT_AES_KEY_SIZE_256
222+
select MBEDTLS_RSA_C
223+
select MBEDTLS_CIPHER_MODE_CBC
224+
select MBEDTLS_CIPHER_MODE_CTR
225+
select MBEDTLS_LEGACY_CRYPTO_C
226+
select MBEDTLS_ENTROPY_C
227+
select MBEDTLS_CIPHER
228+
select MBEDTLS_ECP_C
229+
select MBEDTLS_PKCS5_C
230+
select MBEDTLS_PK_WRITE_C
231+
select MBEDTLS_ECDH_C
232+
select MBEDTLS_ECDSA_C
233+
select MBEDTLS_DHM_C
234+
select MBEDTLS_SSL_TLS_C
235+
select MBEDTLS_SSL_SRV_C
236+
select MBEDTLS_SSL_CLI_C
237+
select MBEDTLS_HKDF_C
238+
select MBEDTLS_X509_CRL_PARSE_C
239+
select MBEDTLS_KEY_EXCHANGE_ALL_ENABLED
240+
select MBEDTLS_MD_C
241+
select MBEDTLS_MD5_C
242+
select MBEDTLS_CIPHER_PADDING_PKCS7
243+
select MBEDTLS_TLS_VERSION_1_2
244+
select MBEDTLS_ENTROPY_C
245+
214246
config WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
215247
bool "No Crypto support for WiFi"
216248

@@ -223,7 +255,6 @@ config WIFI_NM_WPA_SUPPLICANT_CRYPTO_MBEDTLS_PSA
223255

224256
config WIFI_NM_WPA_SUPPLICANT_CRYPTO_ENTERPRISE
225257
bool "Enterprise Crypto support for WiFi"
226-
select MBEDTLS_PEM_CERTIFICATE_FORMAT
227258
depends on !WIFI_NM_WPA_SUPPLICANT_CRYPTO_NONE
228259

229260
config EAP_TLS

0 commit comments

Comments
 (0)